--- Begin Message ---
Subject: |
Re: How NASA does software testing and QA (Functionize) |
Date: |
Tue, 28 Apr 2020 17:05:17 +0800 |
A couple of quotes from the article that I found depressing:
> Crumbley recommends the CMMI Institute's Capability Maturity Model
> Integration (CMMI) as a good process model.
CMMI defined five "maturity levels" starting at level 1: "Processes
unpredictable, poorly controlled and reactive."
So to say that you use "CMMI" just means you have decided which maturity
level your process is currently defined as. You could be level 1 and happy
with it!
Crumbley does not say what level NASA's software development department has
currently reached, or what level they are aiming at nor what steps they are
taking to reach the desired level. Instead he says:
> We use the CMMI model as a tool to see how our software development
> practices compare with other industries
"Other industries" have woefully inadequate software development practices:
as exemplified in every issue of comp.risks! Comparing yourself with them
just gives a false sense of security. NASA's software requirements are so
much more stringent than the vast majority of other industries: on other
industries, if the software more-or-less works, only needs rebooting
occasionally and only has a few zero-day exploits per week, then the
software is considered to be a success. He does not even *mention* formal
methods.
--- End Message ---